* changes:
Catch ServiceSpecificException instead of IllegalStateException.
Manage NAT64 prefix discovery lifecycle in the framework.
Track NAT64 in the framework and start clatd iff NAT64 detected
Change Nat464Xlat lifecycle.
Minor improvements to verifyTcpBufferSizeChange.
Currently NAT64 prefix discovery, which runs in netd, is started
by netd itself when a network is programmed with all-IPv6 DNS
servers. Unfortunately this is not correct because in many cases
we program DNS servers before the network is connected and it's
actually possible to send packets to them.
In general netd does not have enough visibility into network
lifecycle management to decide when to start and stop prefix
discovery. So move it into the framework with the rest of the
464xlat control plane.
Bug: 65674744
Test: atest FrameworksNetTests
Change-Id: I8fa051a9c216d9c05082bf7d0bbb0cbd56000162
Currently, both netd and clatd do NAT64 prefix detection, and we
start clatd on all IPv6-only networks regardless of whether netd
has detected a NAT64 prefix or not.
Instead, track the NAT64 prefix in the framework, and only start
clatd if the prefix is detected. This will allow us to remove
DNS64 detection in clatd, and pass the NAT64 prefix and the IPv6
address to clatd on the command line instead of clatd finding it
itself. That way, netd and the framework will always know how
464xlat is configured, and we'll be able to use that information
in netd.
Test: builds, boots
Test: atest FrameworksNetTests
Change-Id: Ida32d5760c5aecf7aeebef08fdb596291b2ce14a
Currently, NetworkAgentInfo keeps a Nat464Xlat object only on
networks where we're starting clatd (i.e., IPv6-only networks).
Simplify this code by making the Nat464Xlat object final and
always non-null. This allows us to use Nat464Xlat to store
information, such as the NAT64 prefix, even if the clat daemon
has not been started yet.
Also, remove the STOPPING state which waits for the interface to
be removed. Instead, when stop() is called, immediately enter the
IDLE state.
- This is necessary in order to be able to call start() again
before the interface removal notification has arrived.
- It's also arguably more correct than the current code,
because when stop() returns clatd has already terminated
(ClatdController::stopClatd calls waitpid), and thus the tun
fd is already closed and the tun interface is gone.
Also, now that Nat464Xlat objects are reused after stop(), add
test coverage for calling start() after stop, in both cases:
- The notification that the previous interface was removed
arrives before the second start().
- The notification that the previous interface was removed
arrives after the second start() but before the notification
that the second interface was added.
Also fix a couple of lint warnings.
Test: builds, boots
Test: atest FrameworksNetTests
Test: clatd stops when IPv4 address added
Test: clatd restarts after "adb shell killall clatd"
Change-Id: I3dc66d155aa27606681f3473daf2170434d8c6d0
1. Remove "throws Exception" from the signature so it can be used
in tests that do not already throw Exception.
2. Update comment to reflect the fact that TCP buffer sizes are
set on default network switch, not on connect.
3. Move into the method a class-level static constant that is
only used in that method.
Test: atest ConnectivityServiceTest
Change-Id: Ic2e4fbedc23065efc20e45ea84996b577a8e94b6
Bug: 122652441
Test: atest com.android.server.connectivity.VpnTest
Test: Establish a IPv4 VPN with minimal routes and check
(dumpsys connectivity) the VPN network does not have INTERNET
capability.
Change-Id: Ic7f19ebb7b7f78a6ffb2a8ec3fc3eca5e5421f57
NetworkStack is only used in services.net or clients of services.net. It
cannot stay in framework.jar because it needs to depend on AIDL
interfaces, which would conflict with app implementations if they were
in framework.jar.
Test: atest FrameworksNetTests NetworkStackTests
Bug: 124033493
Change-Id: Ib1d08a3669983640119d008db7e2990fa798724f
Merged-In: I501b125a388c1100c2182bde4670944c2f0d7a02
Previously, they were only updated when underlying network set was
non-null.
This change also ensures that all the calls b/w ConnectivityService and
Vpn that leads to updating capabilities are on ConnectivityService
handler thread.
Additionally, it also ensures that capabilities are propagated after VPN
enters connected state. This was previously done from establish which
could potentially lead to race between VPN getting connected and
capabilities getting updated.
This change also updates VPN capabilities inline from
ConnectivityService handler thread. Previously, there was an additional
loop where Vpn would update capabilities via NetworkAgent thru
AsyncChannel which posts back to CS handler thread, which could
potentially lead to delays in updating VPN capabilities.
Bug: 119129310
Bug: 118856062
Bug: 124268198
Test: atest FrameworksNetTests
Test: manual - verified VPNs capabilities are getting updated and
DownloadManager is working correctly.
Change-Id: Id0abc4d304bb096e92479a118168690ccce634ed
The test did not wait for the WifiNetworkAgent to disconnect, and there
are reports of flakes where it is still connected in
connectKeepaliveNetwork.
Test: atest FrameworksNetTests
Bug: 124319553
Change-Id: I85968806885c8853ec4f4dbea356366c1af0ea1c
Have the network stack pass its package name in
showProvisioningNotification instead.
Bug: 124033493
Test: flashed, WiFi and captive portal works
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: I1f3312768ba1fb34e99a827e1fcdaf7510e318a8
When offload is starting, socket will be switched to repair
mode. Read and write on the socket will not be allowed until
repair mode is turned off. If remote packet arrives, repair
mode will be turned off automatically and a callback will
be raised to indicate that socket is ready to read from.
Bug: 114151147
Test: -atest FrameworksNetTests
-manual
Change-Id: I0c335865912e183e7ad32a8ea12188f02ccde5fd
In previous change, the new SocketKeepalive API was exported.
But internally, old PacketKeepalive names and structures are
still used.
This change rename them properly for code consistency and also
refactor KeepalivePacketData to support different types of
KeepalivePacketData.
Bug: 114151147
Test: 1. atest FrameworksNetTests
2. atest FrameworksWifiTests
3. atest FrameworksTelephonyTests
Change-Id: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
Merged-In: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
For VPN apps targeting Q and above, they will by default be treated as
metered unless they override this setting before establishing VPN.
Bug: 120145746
Test: atest FrameworksNetTests
Test: On device tests verifying meteredness setup correctly for apps
targeting Q and apps targeting P.
Change-Id: Ia6d1f7ef244bc04ae2e28faa59625302b5994875
Includes various small changes to stop using hidden APIs
Test: make NetworkStack
Test: flashed, booted, WiFi and tethering working
Bug: 112869080
Change-Id: Id2830795a444f484b377ed6437435a1cd833697a
Captive portal app will be auto dismissed after user login the
captive portal network. In order to improve the user experience,
popup a notification to notify user that the captive portal
network is connected.
Bug: 113629026
Test: 1.atest FrameworksNetTests:NetworkNotificationManagerTest
2.Connect to a captive portal network and login, check if
there is a notification popup.
Change-Id: Id54d12268e107af2f213c2bb348c5f7908e880f4
Adds system api of createSocketKeepalive to take file descriptor,
so privileged apps could use it without the need of IpSecService.
Bug: 114151147
Test: atest FrameworksNetTests
Change-Id: If926c21704b6ed73a0adfcadad732b97b42bacae
The new set of API replace the PacketKeepalive system API
which is only specific for IPsec NAT-T keepalive packet. Allows
applications to request different types of keepalives through
the same set of API.
By using keepalives, applications could request system to
periodically send specific packets on their behalf, using
hardware offload to save battery power.
This change would only address interface change and test part of
original functionality. After all reference of PacketKeepalive
are removed, another change would be submitted to remove old
API.
Bug: 114151147
Test: atest FrameworksNetTests
Change-Id: I3367666810acc44d5ad20e19acd4bf936e8b5d9c
This avoids the need to expose ConnectivityService implementation
details as @SystemApi and the complexities that would be required
to make NetworkCapabilities parcelable in stable AIDL.
Bug: 112869080
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: Icd5d25b9b8e9b7a7d1899b000c92dc4976c3b3d7
Currently testStackedLinkProperties accounts for some of the
NetworkCallbacks that are fired, but not all of them. The test
passes because it only ever expects LinkProperties changed
callbacks (and not, e.g., lost callbacks), because it uses
waitForIdle(), and because at the end, when the callback is
unregistered, it does not call assertNoCallback().
Add the missing callback expectation and expect a LOST callback
at the end. Also add an assertNoCallback, even though it's not
strictly necessary. Remove all the waitForIdle statements, which
are no longer necessary because every assertion happens after
waiting for a callback.
Making the expectations more precise in a separate CL will help
ensure that upcoming changes to this code don't break anything,
and will make said changes easier to review.
Bug: 65674744
Test: atest FrameworksNetTests
Test: ConnectivityServiceTest#testStackedLinkProperties passes 400 times
Change-Id: I73cda0dd029a0e6546f7272beedf841ce5a4c0dc
Network specifiers are used for 2 purposes:
- As part of network requests to specify more information on the type
of requested networks.
- On network agents to specify information about their networks.
The network specifiers of the requests and agents are matched to each
other. However, the agent network specifier may contain sensitive
information which we do not want forwarded to any app.
This CL adds an option to strip out this agent network specifier before
the network capabilities are forwarded to the app.
Bug: 122160111
Test: atest ConnectivityServiceTest (frameworks/base/tests/net)
Test: atest frameworks/base/tests/net
Test: atest frameworks/opt/net/wifi/tests/wifitests
Test: atest frameworks/opt/telephony/tests/telephonytests
Test: atest frameworks/opt/net/ethernet/tests
Test: atest android.net.cts - some flakiness!
Test: act.py ThroughputTest
Test: act.py DataPathTest
Test: atest SingleDeviceTest (cts)
Change-Id: If08d312ff814bdde1147518f923199e6349503d5
Make Nat464Xlat talk to netd directly instead of through
NetworkManagementService. The methods in NetworkmanagementService
don't really provide any value: since the only thing they do is
call into netd, we might as well have the callers talk to netd
directly,
In order to do this, pass INetworkManagementService and INetd to
the NetworkAgentInfo constructor, and update callers appropriately.
Bug: 65674744
Test: builds, boots
Test: atest FrameworksNetTests
Change-Id: Iac4cfe709c6279e4d9682b6754963e533707bd12
Currently we support exactly one NAT64 prefix. This matches what
other components in the system (Dns64Configuration, clatd, etc.)
support.
Test: atest FrameworksNetTests
Change-Id: I45a11cebe43a5e1c60d50eca7889cb317565b598
